US-11503043

System and method for providing an in-line and sniffer mode network based identity centric firewall

Published: November 15, 2022
Assignee: not available in USPTO data we have
Inventors: not available in USPTO data we have
Technical Abstract

The instant disclosure is directed to an attack/unwanted activity detecting firewall for use in protecting authentication-based network resources. The instant system is adapted for installation inline or in sniffer mode. In various embodiments, defined rules are applied to network traffic to determine whether certain types of attacks are occurring on the network resources. If one such attack is detected, the system provides for several potential responses, including for example disconnecting the attacking remote machine, requiring the user at that machine to re-authenticate, and/or requiring a second factor of authentication from the user at that machine. In some example embodiments, regardless of any activity required of a user at the remote machine suspected of malicious behavior, the disclosed system generates an alarm or other alert for presentation as appropriate, such as via a graphical user interface or a third-party system using an API.

Patent Claims
6 claims

Legal claims defining the scope of protection. Each claim is shown in both the original legal language and a plain English translation.

Claim 4

Original Legal Text

4. The system of claim 3, wherein affecting a future analysis of first portions of future received network traffic comprises altering a collection of algorithms configured to determine whether the first portion is indicative of an attack on the protected computer resource.

Plain English Translation

This invention relates to cybersecurity systems designed to protect computer resources from network-based attacks. The system monitors incoming network traffic and analyzes portions of the traffic to detect potential threats. A key feature is the ability to dynamically adjust the analysis process based on prior detections or other factors. Specifically, the system can modify the collection of algorithms used to assess whether a portion of network traffic indicates an attack. These algorithms may include pattern recognition, anomaly detection, or behavioral analysis techniques. By altering the algorithms, the system can improve detection accuracy, reduce false positives, or adapt to evolving attack patterns. The adjustments may be triggered by historical data, real-time threat intelligence, or changes in network conditions. This adaptive approach enhances the system's ability to defend against sophisticated and evolving cyber threats while maintaining efficient operation. The invention focuses on optimizing the analysis process to better identify and mitigate attacks targeting protected computer resources.

Claim 8

Original Legal Text

8. The system of claim 1, wherein the plurality of instructions further cause the at least one processor to operate with at least one network interface device to enforce the security policy.

Claim 9

Original Legal Text

9. The system of claim 1, wherein the plurality of instructions further cause the at least one processor to operate with at least one network interface device to receive the security policy from a third party resource.

Claim 14

Original Legal Text

14. The method of claim 13, wherein affecting a future analysis of first portions of future received network traffic comprises altering a collection of algorithms configured to determine whether the first portion is indicative of an attack on the protected computer resource.

Plain English Translation

This invention relates to cybersecurity systems for protecting computer resources from network-based attacks. The problem addressed is the need to dynamically adjust security analysis methods based on observed network traffic patterns to improve detection accuracy and efficiency. The method involves monitoring network traffic directed at a protected computer resource and identifying portions of the traffic that exhibit characteristics of an attack. When such portions are detected, the system affects future analysis of similar traffic by altering the collection of algorithms used to evaluate subsequent traffic portions. These algorithms are designed to determine whether incoming traffic segments are indicative of an attack. The alteration may involve selecting different algorithms, adjusting their parameters, or reconfiguring their execution sequence to better handle the observed attack patterns. This adaptive approach allows the system to improve its detection capabilities over time by learning from previous attack attempts. The method may also involve analyzing the attack characteristics to determine the most effective algorithms for future detection, ensuring that the system remains responsive to evolving threats.

Claim 19

Original Legal Text

19. The system of claim 1, wherein the security policy is updated based on at least one of external network details, past analyzed external network weaknesses, and past analyzed external network patterns of activity.

Plain English Translation

This invention relates to a cybersecurity system that dynamically updates security policies based on external network conditions. The system monitors external networks to detect vulnerabilities, attack patterns, and other relevant activity, then adjusts its security policies in response. The system includes a network monitoring component that collects data on external network weaknesses, such as unpatched software, misconfigurations, or known exploits. It also analyzes historical attack patterns to identify recurring threats or emerging trends. Additionally, the system tracks normal and abnormal activity patterns in external networks to detect anomalies that may indicate malicious behavior. By integrating these insights, the system updates its security policies to enhance protection against evolving threats. The dynamic policy adjustments help mitigate risks by proactively addressing newly discovered vulnerabilities and adapting to changing attack strategies. This approach improves the system's ability to defend against both known and unknown threats by continuously refining its security posture based on real-world network intelligence.

Claim 20

Original Legal Text

20. The method of claim 11, wherein the security policy is updated based on at least one of external network details, past analyzed external network weaknesses, and past analyzed external network patterns of activity.

Patent Metadata

Filing Date: December 5, 2018

Publication Date: November 15, 2022

Citation & reuse

Analysis on this page is generated by Patentable — an AI-powered patent intelligence platform. AI-generated summaries, explanations, FAQs, and analysis may be reused with attribution and a visible link back to the canonical URL below. Patent abstracts and claims are USPTO public domain.

Cite as: Patentable. “System and method for providing an in-line and sniffer mode network based identity centric firewall” (US-11503043). https://patentable.app/patents/US-11503043